Programmatic access to vault for scripts?
Apologies if this has been dealt with elsewhere. I use a number of Macs, and use 1P/Dropbox to sync between them. What I'd love to do is find a way to script having the Macs' shell config files (.profile, .vimrc, etc) get pulled out of 1P. I want to store them in 1P because they contain access keys and other credentials which I can't keep openly on Dropbox or github. Is there a means for a script or app on the Mac to pull a file out of the Secure Notes feature (and put it in when updated)? I'm fine with it forcing an entry of the vault password via popup whenever it operates.
1Password Version: 6.01
Extension Version: 4.5.5
OS Version: OS X 10.10.5
Sync Type: Dropbox
Comments
-
Hi @jbzimmerman,
Sorry, I can't think of any way to even begin automating that. I don't think we ever envisaged 1Password being used in this manner.
If it's just between Macs what might work a lot better would be a small encrypted disk image created by OS X's Disk Utility. You'd want to make sure it's only open on one Mac at a time as otherwise I think things might get a bit messy with it living in Dropbox but it be a better alternative. You could mount the disk image and then use standard scripts to pull and push the files backwards and forwards. I can see why it might be nice to have 1Password do this, it's just I can't think how it could. Could the disk image idea work at all for you?
0 -
Nah, Dropbox and disk images is a road to pain unless they're archival due to simultaneous access issues (I have multiple macs running at any given time). Even a way to get key/values out of 1Password programmatically, I guess - I could build something that injected stored credentials into a template stored read-only in Dropbox?
0 -
Can you setup SSH access and use rsync?
0 -
Hi @jbzimmerman ,
MrC probably has the best solution at the moment. rsync across ssh can be a secure way to sync the files.
We do get asked for an API to access 1Password data from time to time. The biggest hurdle to that is not only doing it securely, but also verifying what process is asking on the other end. There are some other challenges as well, but we do want to ensure if we did do something like that, it would be done safely.
Thanks for taking the time to write in with your use case. Use cases do help when we consider how, if, and when we offer new features.
Cheers,
Kevin0